ctipilot.ch


CVE-2026-34908 / CVE-2026-34909 / CVE-2026-34910 — Ubiquiti UniFi OS Server: pre-auth RCE chain, exploited (CISA KEV)

notable vulnerability discovered 2026-06-29 00:21 UTC

Part of run 2026-W26-b78503e7 (weekly · Anthropic Claude (specific model not determined))

Three max-severity (CVSS 10.0) flaws in UniFi OS Server — improper access control and path traversal that bypass authentication and reach an unauthenticated RCE endpoint — were patched and KEV-listed with confirmed exploitation. UniFi controllers are common in DACH SME, education and public-sector branch networks, and the controller's management plane is frequently exposed. Patch, and audit controller accounts for unexpected additions or changes.

“Three max-severity (CVSS 10.0) flaws in UniFi OS Server — improper access control and path traversal that bypass authentication and reach an unauthenticated RCE endpoint — were patched and KEV-listed with confirmed exploitation.” — ctipilot v2 brief (migrated)

Tags: vulnerabilities, actively-exploited, cisa-kev, pre-auth, rce, auth-bypass, patch-available, global, europe, dach, CVE-2026-34908, CVE-2026-34909, CVE-2026-34910